[Freeipa-devel] [PATCH] 531-541 OTP UI

Petr Vobornik pvoborni at redhat.com
Mon Feb 24 14:48:03 UTC 2014 

On 24.2.2014 15:31, Nathaniel McCallum wrote:
> On Mon, 2014-02-24 at 11:04 +0100, Petr Vobornik wrote:
>> On 21.2.2014 20:00, Nathaniel McCallum wrote:
>>> Is it possible to do something more intelligent for the key and date
>>> fields in the add-token UI?
>>>
>>> Date fields are currently just a text box. Is there any sort of calendar
>>> we could use here? If not, I'm still unsure of what the format should be
>>> for this field.
>>
>> It's the format you chose :), try to fill it in CLI, you will have the
>> same proble. From API level it's just string, from LDAP it's generalized
>> time.
>
> Is there a better option? I'm open to suggestions.

As I mentioned below, it's being implemented. The datetime patches will 
be send separately. The core OTP UI patches should not be blocked by them.

>
>> I've an UI patch prepared where you can write it in ISO format, with a
>> validator attached to it, so user will be noticed about the format, but
>> it's waiting for:
>> https://www.redhat.com/archives/freeipa-devel/2014-January/msg00057.html
>> https://www.redhat.com/archives/freeipa-devel/2014-January/msg00060.html
>>
>>>
>>> The key field should probably have a note indicating that it is Base32
>>> encoding. It would also be nice to restrict the input to Base32
>>> characters. Maybe even automatic case correction...
>>
>> Actually I think it doesn't help much. Show me a person who can write
>> base32 encoded string.... But I agree that a validator with some regex
>> to limit the chars and a note that it should be base32 string is better.
>> The question is what's the purpose of this field from user perspective.
>> Is a human being suppose to fill it or is it meant to be only filled by
>> some provisioning systems? In UI it's just as a backup?
>>
>> If there is a use case where user is suppose to choose the key, it would
>> be better to fill the key and convert it to base32 string on a server.
>
> I can't think of any case where a user would use the key field.
>
> However, there are at least two important cases where an admin would do
> this:
> 1. Hardware tokens
> 2. Transferring OATH (TOTP/HOTP) tokens from another system
>
> Nathaniel
>
What is the input format for these two cases? Is it base32 so admin can 
enter it into UI or is it plain text so he has to use different tool to 
encode it to base32 and then fill into UI?

-- 
Petr Vobornik

More information about the Freeipa-devel mailing list